Vulnerability Details CVE-2017-8742
A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Web Apps 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8743.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.277
EPSS Ranking 96.1%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
References
- http://www.securityfocus.com/bid/100741
- http://www.securitytracker.com/id/1039323
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8742
- http://www.securityfocus.com/bid/100741
- http://www.securitytracker.com/id/1039323
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8742
Products affected by CVE-2017-8742
-
cpe:2.3:a:microsoft:office_compatibility_pack:-
-
cpe:2.3:a:microsoft:office_web_apps:2010
-
cpe:2.3:a:microsoft:office_web_apps_server:2013
-
cpe:2.3:a:microsoft:powerpoint:2007
-
cpe:2.3:a:microsoft:powerpoint:2010
-
cpe:2.3:a:microsoft:powerpoint:2013
-
cpe:2.3:a:microsoft:powerpoint:2016
-
cpe:2.3:a:microsoft:powerpoint_viewer:2010
-
cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016
-
cpe:2.3:a:microsoft:sharepoint_server:2016